Is it possible to use openvpn to access the internet and use the address as a red interface?
Reason:
- Anti-censorship and anonymity
- Use openvpn ip as external access with fixed ip to the Nethserver
Yes, any OpenVPN client will achieve this. Although you may have to do some set-up outside of the NS UI because the tunnel client set-up panels are geared to an NS ↔ NS tunnel and not a commercial OpenVPN server.
Not that I know of as there would be no way to route unsolicited traffic down to your OpenVPN client, even if the VPN provider has the option of a fixed/static IP.
Cheers.
No. Unless there are explicit means to prevent this (like provider firewall or provider NAT), every public IP is reachable from the every other IP on the internet. If the nethserver openvpn client IP is a public IP, it is reachable from every other IP. Several openvpn providers explicitly offer fixed openvpn IPs to solve the problem, that a static IP is needed for incoming mail traffic and many internet providers only provide dynamic adresses.
See here: VPN-Tunnel via PPTP und OpenVPN (Tarife) - PortunityAccess
Or here: Public IPv4 address | OVPN.com
Or here: Feste, öffentliche IPv4-Adresse mieten
I installed a openvpn conf file in /etc/openvpn and are able to start the vpn. However I am not able to define this interface as a wan interface. Any hints how to do it?
I hope that @alefattorini could take some time to read this topic and raise or a feature request or a statement for the distribution.
I don’t see how that could possibly work. You need a normal WAN interface to your ISP, and then all the OpenVPN traffic flows over that, based on the routing tables.
Cheers.
Just like a PPPOE internet connection I want the OPENVPN connection to be THE internet connection. The direct internet connection should not be used (or maybe as backup) or only for certain type of traffic. As far as I know it is possible to define a PPPOE adapter as a red WAN interfaec in NS (btw: How?). So how to define the OpenVPN adapter as a WAN interface?
A workaround wound be to create another VM, install OpenVPN in this VM and forwarding all traffic to another new virtual VM network adapter in NS which is configured as a red WAN interface in NS.
However this setup is quite complicated and it would be much easierer and better to define the OpenVPN network adapter (TUN) as a red WAN interface.
Bump. There should be a way to configure a dial out OpenVpn as THE primary internet red interface. Fixed IPs are not eady to get in Germany (or very expensive) so a simple solution is to use a service like OVPN with Fixed IP option: https://www.ovpn.com/en/features/public-ipv4
But now I have to configure NS to use this Openvpn line as the internet line.